This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Security Mechanisms Design of Automotive Gateway Firewall
Technical Paper
2019-01-0481
ISSN: 0148-7191, e-ISSN: 2688-3627
This content contains downloadable datasets
Annotation ability available
Sector:
Language:
English
Abstract
Automotive security has become one of important topics in recent years under new automotive Electronic and Electrical Architecture (EEA). With the development of Intelligent Connected Vehicle (ICV), it has become possible to hack an automotive through in-vehicle networks. The introduction of Information Communications Technology (ICT) brings more risk threats to automotive. Researchers have shown that an attacker can easily tamper with many automotive functions via On-Board Diagnostic II (OBD-II) or In-Vehicle Infotainment (IVI). In order to protect automotive against malicious attacks, automotive security risks were analyzed and then security mechanisms based on network firewall were designed in this paper. Automotive network firewall is a security system that monitors and controls incoming and outgoing network traffics of automotive based on predetermined security rules. The main functions of network firewall include packet filter, anti-DoS and access control. Because of deferent security requirements of in-vehicle networks, CAN/FD and Ethernet were divided into two domains respectively. Packet filter mechanisms were designed to monitor CAN/FD, in which security level and time delay were considered. Ethernet firewall mechanisms were designed based on Stateful Packet Filter (SPF) technology. Beside packet filter mechanisms, anti-DoS and access control mechanisms were also designed. Security Real Time Operating System (SRTOS) was introduced to ensure lower layer security. Considering the ECU constraint, Hardware Security Module (HSM) is chosen to implement cryptography function. At last, proposed automotive network firewall were implemented base on a multicore MCU with HSM. The system is evaluated in several aspects such as packet throughput, time delay, anti-attack and memory usage. The evaluation results show that the automotive network firewall is effective and efficient.
Recommended Content
Authors
Topic
Citation
Luo, F. and Hou, S., "Security Mechanisms Design of Automotive Gateway Firewall," SAE Technical Paper 2019-01-0481, 2019, https://doi.org/10.4271/2019-01-0481.Data Sets - Support Documents
Title | Description | Download |
---|---|---|
Unnamed Dataset 1 | ||
Unnamed Dataset 2 | ||
Unnamed Dataset 3 | ||
Unnamed Dataset 4 |
Also In
References
- Alimohammadi , M. , and Pouyan A. A. Sybil Attack Detection Using a Low Cost Short Group Signature in Vanet Paper presented at the 2015 12th International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC) Piscataway, NJ, USA Sept. 8-10, 2015
- Boatright , R. and Tardo , J. Security Aspects of Utilizing Ethernet Avb as the Converged Vehicle Backbone SAE Int. J. Passeng. Cars - Electron. Electr. Syst. 5 2 470 478 2012 10.4271/2012-01-0735
- Dariz , L. , Selvatici M. , Ruggeri M. , Costantino G. , et al. Trade-Off Analysis of Safety and Security in Can Bus Communication Paper presented at the 2017 5th IEEE International Conference on Models and Technologies for Intelligent Transportation Systems (MT-ITS) Piscataway, NJ, USA June 26-28, 2017
- Devi Gandhi Usha , and Keerthana R. V. S. M. Request Response Detection Algorithm for Detecting Dos Attack in Vanet Paper presented at the 2014 International Conference on Reliability, Optimization and Information Technology, ICROIT 2014 Faridabad, Haryana, India February 6-8, 2014
- Gmiden , M. , Gmiden M. H. , and Trabelsi H. An Intrusion Detection Method for Securing in-Vehicle Can Bus Paper presented at the 2016 17th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering (STA) Piscataway, NJ, USA Dec. 19-21, 2016
- Iehira , K. , Inoue H. , and Ishida K. Spoofing Attack Using Bus-Off Attacks against a Specific Ecu of the Can Bus Paper presented at the 2018 15th IEEE Annual Consumer Communications & Networking Conference (CCNC) Piscataway, NJ, USA Jan. 12-15, 2018
- Onishi , H. Approaches for Vehicle Cyber Security Paper presented at the 2014 IEEE Conference on Communications and Network Security Oct. 29-31 2014
- Pathre , Ayonija , Agrawal Chetan , and Jain Anurag A Novel Defense Scheme against Ddos Attack in Vanet Paper presented at the 10th IEEE and IFIP International Conference on Wireless and Optical Communications Networks, WOCN 2013 Bhopal, Madhya Pradesh, India July 26-28, 2013
- Petit , J. , Stottelaar , B. , Feiri , M. , and Kargl , F. Remote Attacks on Automated Vehicles Sensors: Experiments on Camera and Lidar Black Hat Europe 11 2015
- Singh , P. , Sethi T. , Balabantaray B. K. , and Biswal B. B. Advanced Vehicle Security System Paper presented at the 2015 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS) Piscataway, NJ, USA March 19-20, 2015
- Taylor , Adrian , Japkowicz Nathalie , and Leblanc Sylvain Frequency-Based Anomaly Detection for the Automotive Can Bus Paper presented at the Industrial Control Systems Security 2016
- Woo , S. , Jo , H.J. , and Lee , D.H. A Practical Wireless Attack on the Connected Car and Security Protocol for in-Vehicle Can IEEE Transactions on Intelligent Transportation Systems 16 2 993 1006 2015
- Yang , Y. , Wei , Z. , Zhang , Y. , Lu , H. et al. V2x Security: A Case Study of Anonymous Authentication Pervasive and Mobile Computing 41 259 269 2017
- Zhang , Y. , Ge B. , Li X. , Shi B. , et al. Controlling a Car through Obd Injection Paper presented at the 2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud) June 25-27 2016